Vulnerability in Mandrakesoft Mandrake_linux
CVE-2007-1352
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
EPSS: 0.015 (71.3th percentile)
Affected products
- Mandrakesoft Mandrake_linux — versions 9.1, 9.2, 10.0
- Mandrakesoft Mandrake_linux_corporate_server — versions 3.0, 4.0
- Mandrakesoft Mandrake_multi_network_firewall — versions 2.0
- Openbsd — versions 3.9, 4.0
- Rpath Linux — versions 1
- Slackware Slackware_linux — versions 9.0, 9.1, current
- Turbolinux Turbolinux_desktop — versions 10.0
- X.org Libxfont — versions 1.2.2
- Redhat Enterprise_linux — versions 2.1, 3.0, 4.0
- Redhat Enterprise_linux_desktop — versions 3.0, 4.0, 5.0